回顾“tcpip协议套件安全问题”外文翻译.doc
约25页DOC格式手机打开展开
回顾“tcpip协议套件安全问题”外文翻译,a look back at “security problems in the tcp/ip protocol suite”steven m. bellovinat&t labs—researchbellovin@acm.orgabstractabout fifteen years ago, i wrote a pa...
内容介绍
此文档由会员 wanli1988go 发布
A Look Back at ¡°Security Problems in the TCP/IP Protocol Suite¡±
Steven M. Bellovin
AT&T Labs¡ªResearch
bellovin@acm.org
Abstract
About fifteen years ago, I wrote a paper on security problems
in the TCP/IP protocol suite, In particular, I focused on
protocol-level issues, rather than implementation flaws. It
is instructive to look back at that paper, to see where my focus
and my predictions were accurate, where I was wrong,
and where dangers have yet to happen. This is a reprint of
the original paper, with added commentary.
1. Introduction
The paper ¡°Security Problems in the
TCP/IP Protocol Suite¡± was originally published
in Computer Communication Review,
Vol. 19, No. 2, in April, 1989. It was a
protocol-level analysis; I intentionally did not
consider implementation or operational issues.
I felt¡ªand still feel¡ªthat that was the
right approach. Bugs come and go, and everyone¡¯s
operational environment is different.
»Ø¹Ë¡°TCP/IPÐÒéÌ×¼þ°²È«ÎÊÌ⡱
ÕªÒª
´óԼʮÎåÄêÇ°£¬ÎÒдÁËһƪ¹ØÓÚTCP/ IPÐÒ鰲ȫÎÊÌâµÄÂÛÎÄ£¬ÎÒÌرð²àÖØÓÚÐÒé²ãÃæµÄÎÊÌ⣬¶ø²»ÊÇʵʩµÄȱÏÝ¡£»Ø¹ËÄÇƪÂÛÎÄȷʵ¾ßÓÐÖ¸µ¼ÒâÒå¡£Ëü¿ÉÒÔÖ¸µ¼ÎÒÈ¥¿´¿´ÄÄÀïµÄÖصãºÍÔ¤²âÊÇ׼ȷµÄ£¬ÄÄÀïÊÇ´íµÄ£¬»¹ÓÐÄÄÀïµÄΣÏÕÉÐδ·¢Éú¡£ÕâÊÇÒ»¸öÔÚÔÀ´ÂÛÎÄ»ù´¡ÉϼÓÁËÆÀ×¢µÄÖØÓ¡¸å¡£
1.ÒýÑÔ
¸ÃÂÛÎÄÖеġ°TCP/ IPÐÒéÌ×¼þµÄ°²È«ÎÊÌ⡱×î³õÊÇÔÚ1989Äê4Ô¡¶¼ÆËã»úͨÐÅÑо¿¡·µÚ19¾íµÚ2ºÅ³ö°æ¡£ÕâÊÇÒ»¸öÐÒé²ãÃæµÄ·ÖÎö£¬ÎÒ¹ÊÒâ²»¿¼ÂÇʵʩ»òÒµÎñÎÊÌâ¡£ÎÒ¾õµÃ¶øÇÒÈÔÈ»¾õµÃ£¬ÄÇÊÇÕýÈ·µÄ×ö·¨¡£´íÎóÀ´À´È¥È¥£¬´ó¼ÒµÄ¾Óª»·¾³ÊDz»Í¬µÄ¡£µ«½â¾öÐÒé²ãÃæµÄÎÊÌâºÜÄÑ£¬ÌرðÊÇÈç¹ûÄãÏë±£³ÖÓë°²×°»ù´¡µÄ¼æÈÝÐÔ¡£
±¾ÎÄÊÇÎÒµÄÔ´´×÷Æ·µÄ»Ø¹Ë¡£ÐµÄÆÀ×¢ÒÔÎÞ³ÄÏß×ÖÌ壬Ëõ½ø·½Ê½ÏÔʾ¡£³ýÁËÍƳöʱ´Ótroffµ½LAT EXת»»Ê±¿ÉÄ@@öÏֵĴíÎóÖ®Í⣬ÆäËûÔÎÄ×Ö±£³Ö²»±ä¡£ÎÒÒѾÀ뿪ÁËÍêÕûµÄ²Î¿¼£¬¼´Ê¹ÏÖÔÚÓиüºÃµÄ°æ±¾¡£µ±È»£¬²Î¿¼ºÅÂëºÍ·ÖÒ³ÊDz»Í¬µÄ£»½ÚÊý±£³Ö²»±ä£¬³ýÁËÒ»¸öеġ°½áÂÛ¡°²¿·Ö¡£×÷Ϊһ°ã¹æÔò£¬ÆÀ×¢¸úËæÆäËùÌÖÂÛµÄÕ½ڡ£
Steven M. Bellovin
AT&T Labs¡ªResearch
bellovin@acm.org
Abstract
About fifteen years ago, I wrote a paper on security problems
in the TCP/IP protocol suite, In particular, I focused on
protocol-level issues, rather than implementation flaws. It
is instructive to look back at that paper, to see where my focus
and my predictions were accurate, where I was wrong,
and where dangers have yet to happen. This is a reprint of
the original paper, with added commentary.
1. Introduction
The paper ¡°Security Problems in the
TCP/IP Protocol Suite¡± was originally published
in Computer Communication Review,
Vol. 19, No. 2, in April, 1989. It was a
protocol-level analysis; I intentionally did not
consider implementation or operational issues.
I felt¡ªand still feel¡ªthat that was the
right approach. Bugs come and go, and everyone¡¯s
operational environment is different.
»Ø¹Ë¡°TCP/IPÐÒéÌ×¼þ°²È«ÎÊÌ⡱
ÕªÒª
´óԼʮÎåÄêÇ°£¬ÎÒдÁËһƪ¹ØÓÚTCP/ IPÐÒ鰲ȫÎÊÌâµÄÂÛÎÄ£¬ÎÒÌرð²àÖØÓÚÐÒé²ãÃæµÄÎÊÌ⣬¶ø²»ÊÇʵʩµÄȱÏÝ¡£»Ø¹ËÄÇƪÂÛÎÄȷʵ¾ßÓÐÖ¸µ¼ÒâÒå¡£Ëü¿ÉÒÔÖ¸µ¼ÎÒÈ¥¿´¿´ÄÄÀïµÄÖصãºÍÔ¤²âÊÇ׼ȷµÄ£¬ÄÄÀïÊÇ´íµÄ£¬»¹ÓÐÄÄÀïµÄΣÏÕÉÐδ·¢Éú¡£ÕâÊÇÒ»¸öÔÚÔÀ´ÂÛÎÄ»ù´¡ÉϼÓÁËÆÀ×¢µÄÖØÓ¡¸å¡£
1.ÒýÑÔ
¸ÃÂÛÎÄÖеġ°TCP/ IPÐÒéÌ×¼þµÄ°²È«ÎÊÌ⡱×î³õÊÇÔÚ1989Äê4Ô¡¶¼ÆËã»úͨÐÅÑо¿¡·µÚ19¾íµÚ2ºÅ³ö°æ¡£ÕâÊÇÒ»¸öÐÒé²ãÃæµÄ·ÖÎö£¬ÎÒ¹ÊÒâ²»¿¼ÂÇʵʩ»òÒµÎñÎÊÌâ¡£ÎÒ¾õµÃ¶øÇÒÈÔÈ»¾õµÃ£¬ÄÇÊÇÕýÈ·µÄ×ö·¨¡£´íÎóÀ´À´È¥È¥£¬´ó¼ÒµÄ¾Óª»·¾³ÊDz»Í¬µÄ¡£µ«½â¾öÐÒé²ãÃæµÄÎÊÌâºÜÄÑ£¬ÌرðÊÇÈç¹ûÄãÏë±£³ÖÓë°²×°»ù´¡µÄ¼æÈÝÐÔ¡£
±¾ÎÄÊÇÎÒµÄÔ´´×÷Æ·µÄ»Ø¹Ë¡£ÐµÄÆÀ×¢ÒÔÎÞ³ÄÏß×ÖÌ壬Ëõ½ø·½Ê½ÏÔʾ¡£³ýÁËÍƳöʱ´Ótroffµ½LAT EXת»»Ê±¿ÉÄ@@öÏֵĴíÎóÖ®Í⣬ÆäËûÔÎÄ×Ö±£³Ö²»±ä¡£ÎÒÒѾÀ뿪ÁËÍêÕûµÄ²Î¿¼£¬¼´Ê¹ÏÖÔÚÓиüºÃµÄ°æ±¾¡£µ±È»£¬²Î¿¼ºÅÂëºÍ·ÖÒ³ÊDz»Í¬µÄ£»½ÚÊý±£³Ö²»±ä£¬³ýÁËÒ»¸öеġ°½áÂÛ¡°²¿·Ö¡£×÷Ϊһ°ã¹æÔò£¬ÆÀ×¢¸úËæÆäËùÌÖÂÛµÄÕ½ڡ£